ET MALWARE Observed Atomic macOS (AMOS) Stealer Payload Deliver Domain (xn--tradgsvews-0ubd3y .com) in TLS SNI

SID: 2047972Rev: 27 views
History
Sourceet/open
CreatedSeptember 7, 2023
UpdatedOctober 2, 2024
Classificationtrojan-activity
alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MALWARE Observed Atomic macOS (AMOS) Stealer Payload Deliver Domain (xn--tradgsvews-0ubd3y .com) in TLS SNI"; flow:established,to_server; tls.sni; bsize:25; content:"xn--tradgsvews-0ubd3y.com"; fast_pattern; reference:url,www.malwarebytes.com/blog/threat-intelligence/2023/09/atomic-macos-stealer-delivered-via-malvertising; classtype:trojan-activity; sid:2047972; rev:2; metadata:affected_product Mac_OSX, attack_target Client_Endpoint, created_at 2023_09_07, deployment Perimeter, malware_family AMOS_Stealer, performance_impact Low, confidence High, signature_severity Major, updated_at 2024_10_02, reviewed_at 2024_10_02;)

References

urlwww.malwarebytes.com/blog/threat-intelligence/2023/09/atomic-macos-stealer-delivered-via-malvertising

Metadata

affected productMac_OSX
attack targetClient_Endpoint
created at2023_09_07
deploymentPerimeter
malware familyAMOS_Stealer
performance impactLow
confidenceHigh
signature severityMajor
updated at2024_10_02
reviewed at2024_10_02

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!